A few utilities to work with JWTs.

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Automated Adversary Emulation Platform

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

This repository showcases my Software QA skills, from the fundamentals to advanced automation and security testing. Quickly assess my capabilities with a clear breakdown of my expertise in test case design, bug reporting, various testing techniques, and more.

Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities

one-stop resource for all things offensive security.

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

SecHub provides a central API to test software with different security tools.

secureCodeBox (SCB) - continuous secure delivery out of the box

Generate a variety of suspect actions that are detected by Falco rulesets

A command line tool for running a honeypot server.

eclipse plugin for sechub https://marketplace.eclipse.org/content/sechub

intellij plugin for sechub

VSCode/VSCodium/Eclipse Theia plugin for sechub

EMBArk - The firmware security scanning environment

REXEC-Hunt is an initial Bash script for identifying web app vulnerabilities leading to remote code execution. A foundational tool to automate detection, REXEC-Hunt is a stepping stone towards a comprehensive scanner. Clone, run, and probe URLs safely.

Generator of static files(csv, jpeg, png, pdf) for testing file upload. It can generate csv and png files of any number of bytes!

Cyber Security Notes, Methodology, Resources and Tips

Automation script for a good start for security testing of a web application